
3659 matches found

Positive Technologies
added 2023/07/11 12:00 a.m. | 5 views

PT-2023-25480 · Ibos Oa · Ibos Oa

Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical issue has been found, affecting the createDeleteCommand function of the ?r=article/default/delete file in the Delete Packet component. This issue leads to SQL injection and can be exploited...

CVSS 8.8 | AI score 7 | EPSS 0.00646
Exploits: 1 | References: 5

CNNVD
added 2023/07/11 12:00 a.m. | 4 views

IBOS SQL Injection Vulnerability

IBOS is a collaborative office management system. An SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the createDeleteCommand function of file article/default/delete that causes sql injection...

CVSS 8.8 | AI score 7.1 | EPSS 0.00646
Exploits: 1 | References: 4

NVD
added 2023/07/03 9:15 p.m. | 8 views

CVE-2023-36222

Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function...

CVSS 5.4 | AI score 5.8 | EPSS 0.00639
Exploits: 1 | References: 3

ATTACKERKB
added 2023/07/03 9:15 p.m. | 4 views

CVE-2023-36222

Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function...

CVSS 5.4 | AI score 6.5 | EPSS 0.00639
Exploits: 1 | References: 4

GithubExploit
added 2023/07/03 6:13 p.m. | 257 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick

CVE-2022-44268 This repository contains a Proof of Concept P...

CVSS 6.5 | AI score 7 | EPSS 0.89855
Exploits: 28

Cvelist
added 2023/07/03 12:00 a.m. | 12 views

CVE-2023-36222

Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function...

AI score 6 | EPSS 0.00639
Exploits: 1 | References: 3

Vulnrichment
added 2023/07/03 12:00 a.m. | 9 views

CVE-2023-36222

Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function...

AI score 7.2 | EPSS 0.00639
Exploits: 1 | References: 3

OSV
added 2023/06/27 8:15 p.m. | 4 views

CVE-2020-18410

A stored cross site scripting XSS vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administrator privileges...

CVSS 4.8 | AI score 5.3 | EPSS 0.00392
Exploits: 1 | References: 1

CNNVD
added 2023/06/27 12:00 a.m. | 3 views

Chaojicms Cross-Site Scripting Vulnerability

Chaojicms is a super Cms web management system. A security vulnerability exists in Chaojicms v2.18, which originated from a discovery via /index.php?admin-master-article-edit that contains a cross-site scripting vulnerability. The vulnerability is exploited by an attacker to gain administrator...

CVSS 4.8 | AI score 5 | EPSS 0.00392
Exploits: 1 | References: 2

Schneier on Security
added 2023/06/16 9:13 p.m. | 11 views

Friday Squid Blogging: Squid Can Edit Their RNA

This is just crazy: Scientists don't yet know for sure why octopuses, and other shell-less cephalopods including squid and cuttlefish, are such prolific editors. Researchers are debating whether this form of genetic editing gave cephalopods an evolutionary leg or tentacle up or whether the editing...

AI score 6.9
Exploits: 0

Microsoft Security Update
added 2023/06/13 5:00 p.m. | 49 views

2023-06 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5027215)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

AI score 6.7
Exploits: 0

Microsoft Security Update
added 2023/06/13 5:00 p.m. | 24 views

2023-06 Dynamic Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5027215)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

AI score 6.7
Exploits: 0

Microsoft Security Update
added 2023/06/13 5:00 p.m. | 23 views

2023-06 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5027222)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

AI score 6.7
Exploits: 0

Microsoft Security Update
added 2023/06/13 5:00 p.m. | 8 views

2023-06 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5027219)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

AI score 6.7
Exploits: 0

Microsoft Security Update
added 2023/06/13 5:00 p.m. | 22 views

2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 (KB5027538)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

AI score 6.7
Exploits: 0

Packet Storm
added 2023/05/31 12:00 a.m. | 309 views

Lost And Found Information System 1.0 Broken Access Control / Privilege Escalation

Vulnerability: Broken Access Control Author: Akash Pandey CVE: CVE-2023-3018 Source: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Steps to re-produce: 1. Go to https://site.com/admin/?page=user/list as staff user...

AI score 7.1 | EPSS 0.00735
Exploits: 3

OSV
added 2023/05/27 10:15 a.m. | 7 views

CVE-2023-2928

A vulnerability was found in DedeCMS up to 5.7.106. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file uploads/dede/articleallowurledit.php. The manipulation of the argument allurls leads to code injection. The attack can be launched remotely...

CVSS 8.8 | AI score 5.5 | EPSS 0.51351
Exploits: 0 | References: 3

CNNVD
added 2023/05/27 12:00 a.m. | 3 views

Desdev DedeCMS Code Injection Vulnerability

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has content publishing, content management, content editing and content retrieval functions. DedeCMS 5.7.106 before the version of t...

CVSS 8.8 | AI score 7 | EPSS 0.51351
Exploits: 0 | References: 4

NVD
added 2023/05/26 5:15 p.m. | 28 views

CVE-2023-33780

A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...

CVSS 5.4 | AI score 5.3 | EPSS 0.00472
Exploits: 1 | References: 1

OSV
added 2023/05/26 5:15 p.m. | 4 views

CVE-2023-33780

A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...

CVSS 5.4 | AI score 6.2 | EPSS 0.00472
Exploits: 1 | References: 1